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(57) Abstract: A method for 
using a device that incorporates 
a magnetic stripe card reader 
head with a smart chip and can be 
connected to a computer network 
such as the Internet to authenticate 
a user to a remote server on the 
network. The method involves 
reading data from the magnetic 
stripe (101), verifying data from 
the magnetic stripe (102), receiving 
a personal identification number 
entered on a keyboard on the 
device (103), verifying the personal 
identification number (104), 
encrypting with a key contained in 
the smart chip a piece of data for 
sending to the remote server along 
with information identifying the 
source (106), and, on the remote 
server, looking up an appropriate 
key for decryption based on the 
identification of the source and 
verifying the authentication if the 
decryption is successful (108). 
Variations on the method include 
verifying the mag-stripe data on a remote server instead of within the smart chip, verifying the PIN on a remote server instead of 
within the smart chip, and adding various kinds of information to be sent to the server along with the essential elements required 
for authentication. The method may be used to authenticate digital signatures or signature guarantees, or for transactions using 
debit cards or credit cards. If the reader device with a smart chip is owned by a merchant, the merchant can further authenticate 
himself with a personal identification number, and the card holder will swipe his card into the device and identify himself with 
a second personal identification number. 
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NETWORK AUTHENTICATION WITH SMART CHIP AND MAGNETIC STRIPE 



Relation to Previous Application 

This application is a continuation-in-part of application U.S. Patent 
5 Application, Serial No. 09/322,670 filed on May 28, 1999. 

Technical Field: 

The invention relates to methods in networked computer systems for 
authenticating a user to a server using a magnetic stripe card and a card reader with 
10 a smart chip connected to or embedded in a user device such as a computer or 
cellular telephone. 



Background of the Invention: 

Many forms of plastic cards have magnetic stripes that contain the 

15 cardholder's personal information, e.g., name and card account number. There are 
readers for reading the magnetic stripes at many retail point-of-sale locations. Debit 
cards can be used at these locations by swiping the card through the reader and 
entering a personal identification number (PIN) into the reader's keypad. Adequate 
authentication of the user is achieved by a secure communications connection 

20 between the reader and a remote computer/server and by the cardholder possessing 
a debit card that can be read by the reader and knowing the PIN associated with the 
card. 

For transactions on unsecure networks such as the internet, the above- 
described secure authentication features are not available. There is no adequately 

25 secure communications connection between a card reader that is connected to the 
user's host computer and the remote computer/server. 

Various companies, including IBM, Hewlett-Packard, Intel, and Wave have 
proposed solving this problem by including a "smart chip" in each personal computer 
for secure authentication. The smart chip stores or creates on command a unique, 

30 encrypted identification code that cannot be read but can be used to prove the 

identification of the chip to a remote computer/server across a communications line. 
Thus, proper decryption of this code by the server provides a secure identification of 
the computer. Presumably, the owner of the host computer with the smart chip can 
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be held responsible for its use. Entry of a PIN at a keyboard connected to the host 
computer may also be required. With the ability to prove which host computer 
placed a communication for a transaction and that a particular PIN was used, 
adequate secure authentication will be achieved for many network transactions. 

Other companies have proposed the use of smart cards placed in a smart- 
card reader at each host computer for secure authentication. Each smart card 
includes a smart chip as described above. The smart card is guarded by its owner 
like a key. The person who possesses the smart card is presumed to be its proper 
owner. Entry of a PIN at a keyboard connected to the host computer to which the 
smart card reader is connected can also be required. With the ability to prove which 
smart card was used for a transaction and that the PIN associated with the smart 
card was also used, adequate secure authentication will be achieved for many 
network transactions. 

SUMMARY OF THE INVENTION 

The invention is a method for using a device that incorporates a mag-stripe 
card reader head with a smart chip and can be connected to a computer network 
such as the internet. The device includes a slot for swiping a mag-stripe card, a read 
head within the slot, and a secure identity circuit for authentication (smart chip). For 
purposes of this discussion, a smart chip (authentication circuit) is a circuit that can 
perform authentication to a remote server across a network by confirming a unique 
identification to the remote server without revealing to the local computer or any 
intervening device in the communications link enough information that, if captured, 
can be used to imitate the smart chip. Such chips are well known. They generally 
work by using a secret key to encrypt a piece of information. If the appropriate 
decryption key successfully decrypts the information, the identity is authenticated. 

The authentication circuit (smart chip) provides a unique identity of the device 
and the person to whom the smart chip was issued is kept in a database. Although 
the mag-stripe card can be duplicated or imitated, unlike the smart chip, and is 
therefore less secure than the smart chip, requiring the use of a mag-stripe card with 
certain information which matches information contained within a database as well 
as the smart chip increases the confidence of authentication. Therefore, such a 
device provides additional security to a transaction on an unsecure network such as 
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the internet because the user was required to possess both the magnetic stripe card 
with appropriate information and a smart chip that authenticates to the server, 
thereby increasing the security of authentication. 

For still greater security of authentication, a personal identification number 
5 (PIN) is also required. The PIN may be associated either with the mag-stripe card or 
with the smart chip or be a single PIN which is associated with both of them. The 
PIN may be verified by the smart chip or it may be transmitted to the server for 
verification, preferably using encryption by the smart chip before it is transmitted. 
The PIN may be entered on a keyboard of a personal computer to which the device 

10 is connected or, for better security, on a keypad on the device with the smart chip. 
The reader device with the smart chip may be used by a merchant to 
authenticate himself to a financial institution using the smart chip and a PIN. The 
merchant may then swipe a payment card, such as a credit card or debit card, from a 
customer to perform a card present financial transaction. If the entry of a PIN is 

1 5 required of the customer, the customer can enter a second PIN on the keypad. 
When used for this purpose, the merchant will have entered a PIN to authenticate 
the identity of the merchant and the customer will also have entered a PIN to 
authenticate the identity of the customer. 

If the user device is configured to work with several different mag-stripe cards, 

20 each can require a different PIN. Information from the mag-stripe card is passed to 
the smart chip which then determines which PIN is required based on that 
information and based on information securely stored in the smart chip's memory. 
Also, the information read from the magnetic stripe card can be used to verify that an 
appropriate card has been swiped. If the information read from the card does not 

25 match processing requirements securely stored in the smart chip, the required 
authentication will fail. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Figure 1 shows the invented method in a preferred embodiment. 
30 Figure 2 shows a variation of the invented method where data from the mag- 

stripe is verified on a server. 

Figure 3 shows an elaboration of the method for use in payment card 
transactions. 

3 
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Figure 4 is a side plan view of a card reader with smart chip. 
Figure 5 is a block diagram of the circuitry for the card reader of Figure 4. 
Figure 6 is a top plan view of a cellular telephone that includes a smart chip 
and card reader. 

5 Figure 7 is a front perspective view of a computer system to which is 

connected the card reader of Figure 4. 

DETAILED DESCRIPTION OF THE INVENTION 

Each card reader is uniquely identified by a smart chip, which may be on a 

10 removable card, and each smart chip is associated with a respective owner through 
the unique identification. The unique identification code of the smart chip is 
registered on a remote central computer/server in association with accurate 
identification of the owner to whom the smart chip was issued. Using a secure PIN, 
the smart chip owner can access the functions of the smart chip. When a cardholder 

1 5 places a mag-stripe card in the reader, the name or other identification is read from 
the card and is compared with an identification on the central computer/server 
associated with the unique identification code stored in or generated by the smart 
chip. If the name and code do not match, then the transaction may be disallowed for 
inadequate authentication. By this process, two hardware items are required to 

20 authenticate the user: a mag-stripe card containing certain information and a smart 
chip with a secure authentication feature proving a certain identification. Requiring 
both together provides a more secure authentication than requiring either alone. For 
further security, a PIN may also be required. 

The card reader is preferably portable and easily connected to or 

25 disconnected from the cardholders computer or any other host computer. This 

allows the cardholder to easily guard his/her possession of the reader and to permit 
others to use his/her computer without a security risk. Alternatively, the smart chip 
may be removable to achieve the same security. Unlike prior art smart card 
systems, however, possession of only the smart-card reader and knowledge of a PIN 

30 is not enough to establish authentication. A mag-stripe card encoded with either a 
name that matches the name of the cardholder to which the reader was issued or a 
number that is on the authorized list is also required. Therefore, because the mag- 
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stripe card reader with smart chip is like a key, it is aptly described as a card reader 
with an electronic key. 

To perform the authentication, the smart chip encrypts the identification code 
and magnetic-stripe information according to conventional encryption techniques. 
5 Alternatively, the identification code may be stored in encrypted form on the smart 
chip or the information may be stored in encrypted form on the magnetic stripe for 
processing by the smart chip before being sent to the server. In such a case, the 
microcontroller does not alter the code or the magnetic-stripe information before 
sending it to the remote computer/server. 

1 0 Then, the remote computer/server determines whether the cardholder 

identified by the magnetic-stripe information is authorized to use the card reader 
having a smart chip with the unique identification code. Typically, the remote 
computer/server stores the information for the cardholder who is authorized to use 
the particular card reader. Therefore, if the magnetic-stripe information corresponds 

1 5 to cardholder information stored for the unique code, then the remote 

computer/server allows the transaction to proceed. If, however, the magnetic-stripe 
information does not correspond to the cardholder information stored for the unique 
identification code, then the remote computer/server cancels the transaction. 

Methods Performed by the User Device and Servers 

20 Figure 1 shows the preferred method for using a card with a magnetic stripe 

and a smart chip to authenticate a user. In step 101 , data is read from the magnetic 
stripe on the card by the magnetic stripe reader head. The data is processed in the 
local device, step 102. The functions of the local device may be performed in the 
smart chip or, for those functions which do not require the security of a smart chip, in 

25 an auxiliary processor. The data read from a card is verified, either by merely 
confirming that it appears to be complete and in the correct format or by using a 
secure storage feature of the smart chip to determine that the data read from the 
magnetic stripe, such as a user name or account number, matches data securely 
stored in the smart chip. 

30 In step 102, information which is a function of the data read from the magnetic 

stripe, f(data), is stored in the smart chip or in an auxiliary memory. What is stored 
can be a portion of the original data or a hash of part of the original data or a 
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signature generated from part of the original data or an encryption of the data or any 
other information which is derived from the data and varies as a function of the data 
contents. 

Once f(data) has been stored, the process proceeds to step 103. In step 103, 
5 the user enters a personal identification number (PIN) at a keyboard. The keyboard 
is preferably not connected to a personal computer because they are unsecure and 
can be monitored by unauthorized software to capture the user's personal 
identification number. The keyboard is preferably located on a device containing the 
smart chip which is, in turn, connected to the personal computer such that the PIN is 

1 0 never transmitted to the personal computer. 

In step 104, the PIN is verified. This can be accomplished in many ways. 
The preferred method is to use the well known PIN function of a smart chip. 
Alternatively, the PIN can be encrypted by an encryption function of the smart chip or 
a separate encryption circuit and transmitted to a remote server for verification. The 

15 PIN can be a PIN which is associated with the card or a PIN which is associated with 
the smart chip or a single PIN which is associated with both of them. If the 
information in the smart chip is configured to work with several mag-stripe cards, the 
PIN verification can be done in the smart chip even though any of several different 
PINs are verifiable. 

20 Once the PIN is verified, the process proceeds to step 105. In step 105, 

information to be processed is received by the local device. If the authentication 
system is being used for a payment transaction, the information to be processed will 
be the details of the payment transaction specifying a dollar amount or a party to be 
paid or any other appropriate information. If the purpose of the authentication is to 

25 establish a digital signature which can not be repudiated, the information to be 

processed will consist of the document to be signed with the digital signature. If the 
purpose of the authentication is to allow an authorized person to make use of a 
secure network, the information to be processed will typically be a user name or a 
password for the network. 

30 In step 106, the information derived from the mag-stripe, f(data), is combined 

with information to be processed and the smart chip is used to encrypt or sign the 
combined information with a key that a recipient can decrypt or verify. 
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In step 107, the signed or encrypted combined information is transmitted on 
an unsecure network or placed in a storage device for physical transmission to a 
recipient. 

In step 108, the recipient identifies the appropriate key to use for decrypting 
5 the signature or the entire combined information based on an identification of the 
sender. The identification of the sender can be determined from an identification of 
the smart chip or data from the mag-stripe card. The recipient then uses the key to 
decrypt the signature or combined information. If the decryption is successful, this 
authenticates the identification of the smart chip that was used and reveals f(data) 
10 derived from magnetic stripe information on the card which can then be compared to 
records in a database to verify that the correct card (or a counterfeit thereof) was 
present. 

In the process just described, the user was authenticated based on (1) 
possession of a magnetic stripe card with appropriate data and (2) possession of a 

15 smart chip with an appropriate encryption key and (3) knowledge of an appropriate 
personal identification number (PIN). 

Figure 2 illustrates some variations on the method shown in Figure 1. One of 
the variations is that a personal identification number is not required. Another 
variation is that the verification of data read from the mag-stripe on the card is done 

20 on a remote server before the smart chip is used to encrypt or sign information such 
that when the information is decrypted authentication of the smart chip is 
established. The server that verifies the mag-stripe data before the process is 
allowed to proceed may be a different server from the server that receives the 
information to be processed. 

25 In step 111, data is read from the mag-stripe on the card. In step 112, this 

data is encrypted and forwarded to a server via an unsecure network. In step 113, 
the mag-stripe information is decrypted to verify that the correct mag-stripe card has 
been read. Of course, for the essential purposes of the invented method, the mag- 
stripe data need not be encrypted before being forwarded to the server for 

30 verification. However, to minimize security risk, it is preferable to encrypt the 

information before transmission on the unsecure network. If the information on the 
card is verified, the process, on both the local device and on the server, then 
proceeds to the next step. 

7 
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In step 114, information to be processed is received at the local device with a 
smart chip. At step 115, the information or a part of the information or a hash of the 
information is encrypted or signed and transmitted on the network. At step 116, the 
server is ready to receive the encrypted or signed information because it has already 
5 verified the data from the mag-stripe or has received a message from another server 
that this step was accomplished successfully. It then decrypts the information to 
verify that it was encrypted with a key contained within the appropriate smart chip. 
The user has now been authenticated based on both the smart chip and the data 
from the mag-stripe. In step 117, the information which has been authenticated is 

10 forwarded to recipients who rely on the authentication. 

Figure 3 shows how the authentication based on a smart chip and a mag- 
stripe card is performed in the context of payment card transactions. A variation 
illustrated in Figure 3 is a step of mutual authentication between the user device and 
an authentication server. 

15 In step 121 , a personal account number (PAN) is read from the magnetic 

stripe on a payment card, which may be a credit card or debit card or ATM card. In 
step 122, the PAN is verified by the smart chip. The smart chip contains a copy of 
the PAN or data which is derived from the PAN, f(PAN), in its secure memory where 
it cannot be extracted from the smart chip. For the verification process, the PAN 

20 read from the mag-stripe card is loaded into the smart chip which performs a routine 
to compare it to the PAN or f(PAN) within its secure memory. The smart chip then 
returns a verification that the PAN is correct or a denial that it is not correct. Then, 
somewhere in the user device, in the smart chip or in other memory, information 
which is a function of the PAN, f(PAN), is stored. If the PAN is verified, the process 

25 proceeds to the next step. If not, the process is aborted. The step of verifying the 
PAN can be omitted to allow any card to be used with the user device as discussed 
below. 

In step 123, a PIN entered by a user is received from the keyboard. As 
discussed above, the keyboard is preferably connected to the user device but not to 
30 a local personal computer. In step 124, the PIN is verified by the smart chip. If the 
PIN is verified, the process proceeds to the next step. If it is not, the process is 
aborted. 
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In step 125, the smart chip in the user device initiates a communication to an 
authentication server across a network. At this point, the PAN has been verified and 
the PIN has been verified. Now the authentication server verifies the identification of 
the smart chip using any of several well established smart chip authentication 
5 procedures, step 126. The authentication may be one sided, as just described, from 
the user device to the server. Preferably, the server also authenticates itself to the 
user device by sending to the user device an encrypted nonce which only the user 
device with a key contained within secure memory in the smart chip can decrypt. If 
the user device properly authenticates itself to the server and the server properly 
10 authenticates itself to the user device, the user device will then proceed to the next 
step. 

At this point, the user has been authenticated by possession of a positively 
identified smart chip, possession of a card with a magnetic stripe (or a counterfeit 
thereof) and knowledge of a personal identification number. As mentioned above, 

1 5 the requirement of the PIN can be omitted. If any one of these three required 
elements has failed, the process is aborted. 

In step 127, transaction data is received by the user device. This will typically 
be a dollar amount and an identification of a merchant to be paid. Because the 
personal account number will be required for subsequent processing of the 

20 transaction, f(PAN) is combined with the transaction data and the two are encrypted 
or signed using the smart chip, step 128. The encrypted or signed data is 
transmitted across an unsecure network to a recipient. 

At step 129, the recipient computer decrypts the encrypted or signed data. If 
decryption is successful, this verifies that a particular key was used which key is 

25 contained only in a certain smart chip, thereby authenticating that the particular 

smart chip was used. To determine which key to use for decryption, the owner of the 
smart chip is verified based upon the personal account number which was 
transmitted in one form or another as f(PAN). 

As an alternative embodiment, instead of using f(PAN) to look up the key to 

30 use for decryption, other unencrypted information identifying the smart chip can be 
sent along with the transaction data and f(PAN). This other information can then be 
used to find the key for decrypting a message encrypted with that smart chip. In this 
embodiment, the mag-stripe card that is used in step 121 can be a card that does 

9 
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not belong to the person who owns the smart chip used for encryption in step 128. 
For example, the reader with smart chip can be a merchant who wishes to accept a 
credit card or a debit card for payment. In this case, in addition to the smart chip 
owner entering a PIN in step 123, the card holder can be required to enter a PIN for 
5 the cardholder for verification by a server. If the card was a credit card, the fact that 
f(PAN) was derived from data read from the card provides a verification that the card 
was present. If the card is a debit card, the card owner has entered the appropriate 
PIN which is then encrypted along with f(PAN) in step 128 and forwarded to the 
recipient for verification of the PIN entered by the cardholder. 

10 If additional security is desired in any of the above described methods or 

variations, the server can transmit to the user device a challenge seeking a response 
that only an authentic user would know, such as date of birth, mother's maiden 
name, social security number, PIN, etc. The challenge can be presented on a 
screen display at the user's location, typically a personal computer or cell phone. 

15 The response entered by the user can be sent, with or without encryption, to the 
server as an additional authentication step. 

In addition to the suggested uses for payment card transactions, the invented 
method can be used for additional security for digital signatures. By requiring the 
party making the signature to possess both the proper smart chip and the proper 

20 card with a magnetic stripe, it becomes more difficult for the owner of these two 
devices to later repudiate his signature and claim that he was impersonated. This 
can have particular value for parties who wish to guarantee signatures of others in 
transactions such as stock transfer transactions. In these situations, the company 
responsible for making stock transfers relies on a trusted party to guarantee the 

25 signature of the transferor who is someone that the guarantor knows or has meet in 
person to satisfy himself on identification. The guarantor then needs to apply his 
own digital signature so that the transaction information can be immediately 
transferred by a network for execution. By requiring the guarantor to possess both 
the magnetic stripe card with appropriate data and a smart chip with an appropriate 

30 securely stored encryption key, the stock transfer company can be confident that 
they are dealing with the guarantor and not an impersonator. 

User Device Hardware Description 
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The mag-stripe card reader with smart chip may be embodied in a PCMCIA 
card for insertion into a PCMCIA slot, in an external card reader that plugs into a 
serial or parallel port or keyboard port such as the Innovonics device (Figure 1 1 of 
US Patent 5,815,577), or in a device which is mounted in the case of a personal host 
5 computer much like a disk drive or CD-ROM drive. Because the reader includes a 
smart chip, which may be removable, the smart chip may be used for other familiar 
smart chip functions such as digital signatures or storing electronic cash for micro- 
payments. The mag-stripe reader with smart chip may be coupled to a computer 
system or to a web TV system by any of the familiar methods: serial port, parallel 

10 port, keyboard port, USB port, infrared link, PCMCIA slot, or simulation of a floppy 
disk in a disk drive as disclosed in US patent application serial number 09/322,669 
by one of the same inventors. 

The mag-stripe card reader with smart chip may be incorporated into another 
portable device such as a cellular telephone (Figure 6) or personal digital assistant 

15 (PDA). When incorporated into a cellular telephone, a credit card or debit card may 
be used to charge a telephone call or remotely authorize a charge to the account for 
any other reason, or the owner can download cash (telephone usage credits) into the 
smart chip and then give the telephone to another to use with the stored credits as a 
limit on the amount of telephone charges that can be incurred. Similarly, when 

20 incorporated into a PDA, it may be used with the PDA's communication features. 

Figure 4 is a side plan view of a card reader 10 according to an embodiment 
of the invention. The reader 10 includes a housing 12 having a slot 14 for receiving 
a card 16 having a magnetic stripe 18. The slot 14 provides adequate clearance for 
receiving the card but a tight enough fit to ensure that the magnetic stripe 18 is 

25 properly aligned for reading. A conventional magnetic read head 20 reads the 

information stored on the magnetic stripe 18 as the card 16 is inserted into the slot 
14. An optional and conventional sensor 22 senses whether the card is present 
within the slot 14. A smart chip 24, which may be removable such as by mounting 
on a smart card or on a SIM, contains a unique code that identifies the card reader 

30 10. A cable 26 allows communication to a host computer such as a personal 

computer, or the card reader 10 may be wireless, and thus include a radio or infrared 
transmitter instead of the cable 26. A light-emitting-diode (LED) array 28 or other 
display indicates the status of the card-reader 10. An optional keyboard, shown as 
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component 60 in Figure 7, allows the user to enter a personal identification number 
(PIN). With the keyboard and a removable smart chip on a card placed in smart card 
slot 62 in Figure 7, this device is essentially the same as shown in Figure 11 of US 
Patent 5,815,577 to Innovonics. 

The smart chip 24 may be programmed for authentication via dual key 
(public/private) encryption such as for use with the secure electronic transactions 
(SET) protocol. Alternatively, the smart chip 24 may include electronic-key circuitry 
that is capable of authentication by securely encrypting a unique identifier and 
transmitting it to a remote computer/server such as with DES encryption or another 
encryption protocol. 

Figure 5 is a schematic block diagram of a circuit 30 for the card reader 10 of 
Figure 4. The circuit 30 includes the smart chip 24 and the LED 28. In addition, the 
circuit 30 includes optional card detection/retention circuitry 32. In one embodiment, 
the circuitry 32 includes the card sensor 22 (Figure 4) and monitors whether the card 
16 (Figure 4) is inserted within the slot 14 or not. In another embodiment, the 
circuitry 32 includes conventional hardware for retaining the card 16 within the slot 
14 until a transaction is complete. Additionally, if the user enters a wrong PIN 
number for more than a predetermined number of times or performs some other 
incorrect act, the circuitry 32 may permanently retain the inserted card on the basis 
that the user is not authorized to possess it. Magnetic-stripe read circuitry 34 
includes the read head 20 (Figure 4) and reads the magnetically encoded data from 
the magnetic stripe 18 and converts it into a digital read signal. A microcontroller 36 
is coupled to the smart chip 24, the LED circuit 28, the detection circuit 32, and the 
read circuitry 34. In one embodiment, the microcontroller 36 includes a processor, 
buffers, memory, and other peripheral circuits. Alternatively, the microcontroller 
functions may be preformed by a microcontroller in the smart chip or by a 
programmable logic array or other logic circuit. 

Referring to Figures 4 and 5, in operation, a cardholder inserts the card 16 
into the slot 14 of the card reader 10 after the LED array 28 indicates that the reader 
10 is ready to accept the card 16. As the magnetic stripe 18 moves by the read 
head 20, the head 20 senses the magnetically encoded information on the stripe 18 
and converts this information into electrical signals. The read circuitry 34 then 
converts these electrical signals into a digital signal that represents the stored 
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information and provides this digital signal to the microcontroller 36. After the 
microcontroller 36 receives this stored information, it causes the LED to indicate 
successful reading. Additionally, the sensor 22 generates a signal indicating that the 
card 16 has been inserted into the slot 14, and the circuitry 32 provides this signal to 
5 the microcontroller 36. 

Next, the microcontroller 36 obtains the unique identification code from the 
smart chip 24, which is preferably generated by encryption of data received from an 
external source, and provides this unique code and the information read from the 
magnetic stripe 18 to a remote computer/server via the host computer to which the 

10 card reader 10 is connected. 

The microcontroller may also send confirmation to the remote 
computer/server that the card 16 is inserted within the slot 14, i.e., that the card 16 
has not been removed from the slot 14 since the magnetic-stripe information has 
been read. The remote computer/server may cancel the requested transaction if the 

15 card 16 is removed from the slot 14 before the transaction is complete. The circuitry 
32 provides information to the microcontroller 36 as to the relative position of the 
card 16 with respect to the slot 14. In one embodiment, the card sensor 22 detects 
when the cardholder removes the card 16 from the slot 14, and the circuitry 32 
notifies the microcontroller 36. If the transaction is not completed, then the 

20 microcontroller 36 notifies the remote computer/server of the premature card 

removal, and the remote computer/server may cancel the transaction in response to 
this notification. Alternatively, the remote computer/server may periodically poll the 
microcontroller 36, which notifies the remote computer/server of the card position 
(inserted or removed) with respect to the slot 14. 

25 Still referring to Figures 4 and 5, the card sensor 22 and the card detection 

circuitry 32 are omitted from the card reader 10 in another embodiment of the 
invention. In this embodiment, the microcontroller 36 determines that the card 16 is 
inserted into the slot 14 in response to receiving the magnetic-stripe information from 
the read circuitry 34 as the cardholder inserts the card 16 into the slot 14. Likewise, 

30 the microcontroller 36 determines that the card 16 is removed from the slot 14 in 

response to receiving the magnetic-stripe information as the cardholder removes the 
card 16 from the slot 14. Therefore, in one embodiment, the microcontroller 36 
receives the magnetic-stripe information as the cardholder inserts the card 16 into 
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the slot 14 and sets a corresponding flag. As long as the microcontroller 36 does not 
re-receive this information, it determines that the card 16 is present within the slot 14 
and does not reset the flag. But once the microcontroller 36 receives the magnetic- 
strip information again, it determines that the cardholder is removing or has removed 
5 the card 16 from the slot 14 and thus resets the flag. The microcontroller 36 may 
then notify the remote computer/server of the card's removal as discussed above. 

Figure 6 is front plan view of a cellular telephone 40, which includes a card 
reader according to an embodiment of the invention. The telephone 40 includes a 
case 42 and a card slot 44 formed therein. The telephone 40 also includes the smart 

10 chip 24 t which might be removable by mounting on a SIM chip such as is commonly 
used in cellular telephones, and the read head 20, and may include the card sensor 
22, of Figure 4 and the circuitry 30 of Figure 5. Alternatively, the telephone 40 may 
omit the sensor 22 and use the microcontroller 36 to determine the card position with 
respect to the slot 44 as described above. The slot 44 has a stop 46 to hold the card 

1 5 in place while the transaction is taking place. The telephone 40 transmits the unique 
identification code from the smart chip, information read from the magnetic stripe 18 
of the card 16 (Figure 4), and other transaction information via an antenna 48 and 
cellular network (not shown) to the remote computer/server. 

Figure 7 is a front view of a computer system 50, which includes the card 

20 reader 10 according to an embodiment of the invention with a slot 14 for the mag- 
stripe card. The system 50 includes a computer 52 and a monitor 54, keyboard 56, 
and mouse 58 connected to the computer 52. The keypad 60 on the card reader is 
shown, as well as the slot 62 for removing the smart chip which is mounted on a 
smart card. This embodiment is essentially the same as shown in Figure 11 of US 

25 Patent 5,815,577 to Innovonics. Alternatively, the card reader with smart chip may 
be incorporated into the personal computer. 

From the foregoing it will be appreciated that, although specific embodiments 
of the invention have been described herein for purposes of illustration, various 
modifications may be made without deviating from the spirit and scope of the 

30 invention which is defined in the following claims. 
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What is claimed: 

1 . A method performed in a server on a network for securely 
authenticating to the server a user having a magnetic stripe card and a user device 
including a smart chip connected to a magnetic stripe reader, comprising the steps 
of: 

5 a. receiving at the server information including a user device 

identification in a form for identifying a smart chip connected to a magnetic stripe 
reader and a card identification in a form for identifying a card read by said reader 
from a magnetic stripe on a card; 

b. decrypting said user device identification and comparing the 
10 decrypted identification to records in a database to find a match; 

c. comparing said card identification to records in a database to 
find a match; and 

d. approving the user as authentic if a record matches the 
decrypted user device identification and that record is associated with a record that 

15 matches the card identification. 

2. The method of claim 1 further comprising: 

e. receiving at the server a personal identification number; and 

f. comparing the received personal identification number to 
records in a database to find a match. 

20 3 - A method for securely authenticating to a server on a network the 

identity of a user having a magnetic stripe card and a user device including a smart 
chip, a keyboard and a magnetic stripe reader, comprising the steps of: 

a. on the user device, receiving at the magnetic stripe reader a 
card identification read from a magnetic stripe on a card and transmitting said card 

25 identification to the server; 

b. on the user device, transmitting from the smart chip to the server 
a user device identification; 

c. on the user device, receiving at the keyboard an entered 
personal identification number; 

30 d. on the server, comparing said user device identification to 

records in a database to find a match; 
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e. on the server, comparing said card identification to records in a 
database to find a match; and 

f. approving the user as authentic if a record that matches the user 
device identification is associated with a record that matches the card identification, 

5 and the personal identification number satisfies a processing requirement. 

4. The method of claim 3 wherein the user device identification is 
encrypted for decryption by the server. 

5. The method of claim 3 wherein the processing requirement matches a 
personal identification number to a data record. 

10 6. The method of claim 3 wherein the processing requirement is a 

function of information read by the magnetic stripe reader. 

7. The method of claim 3 wherein the personal identification number is 
processed in the smart chip. 

8. The method of claim 3 wherein the personal identification number is 
15 transmitted to the server and processed in the server. 

9. A method for securely authenticating a user to a server on a public 
network performed in a user device including a smart chip, a keyboard and a 
magnetic stripe reader, comprising the steps of: 

a. receiving at the magnetic stripe reader information read from a 
20 magnetic stripe on a card; 

b. receiving at the keyboard an entered personal identification 

number; and 

c. processing the personal identification number and, if it satisfies 
a processing requirement which is a function of information read from the magnetic 

25 stripe, transmitting from the smart chip to the server across the public network an 
encrypted user device identification code for identifying the smart chip to the server. 

10. The method of claim 9 wherein the user device is human portable. 

1 1 . The method of claim 9, further comprising: 

d. requesting an electronic cash transaction with a server; and 
downloading electronic cash into the smart chip in the user device. 

12. The method of claim 9, further comprising: 
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d. processing the information read from the magnetic stripe and, if 
it does not satisfy a processing requirement, reaching a result of failure to 
authenticate. 

13. The method of claim 9, further comprising: 

d. receiving other information to be processed and forwarding said 
information to the server along with the encrypted user device identification code for 
identifying the smart chip to the server. 

14. A method for securely authenticating a user to a server on a public 
network performed in a user device including a smart chip, a keyboard and a 
magnetic stripe reader, comprising the steps of: 

a. receiving at the magnetic stripe reader information read from a 
magnetic stripe on a card; 

b. receiving at the keyboard an entered personal identification 

number; and 

c. processing the personal identification number and, if it satisfies 
a processing requirement which is a function of information stored within the smart 
chip, transmitting from the smart chip to the server across the public network 
information read from the magnetic stripe with an encrypted user device identification 
code for identifying the smart chip to the server. 

15. The method of claim 14 wherein the user device is human portable. 

16. The method of claim 14, further comprising: 

d. processing within the smart chip the information read from the 
magnetic stripe and, if it does not satisfy a processing requirement, reaching a result 
of failure to authenticate. 

17. The method of claim 14, further comprising: 

d. receiving other information to be processed by the server and 
transmitting it to the server. 

1 8. The method of claim 14, further comprising: 

d. receiving a second personal identification number and 
transmitting it to the server. 

19. A method for securely authenticating a user to a server on a public 
network performed in a user device including a smart chip, a keyboard and a 
magnetic stripe reader, comprising the steps of: 
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a. receiving at the magnetic stripe reader information read from a 
magnetic stripe on a card; 

b. processing the information read from the magnetic stripe and, if 
it satisfies a processing requirement, transmitting from the smart chip to the server 
across the public network an encrypted user device identification code for identifying 
the smart chip to the server. 

20. The method of claim 1 9, further comprising: 

d. receiving other information to be processed by the server and 
transmitting it to the server. 

21 . The method of claim 19, further comprising: 

d. receiving a personal identification number and transmitting it to 

the server. 

22. The method of claim 1 9, further comprising: 

d. receiving a personal identification number; and 

e. processing the personal identification number and, if it does not 
satisfy a processing requirement, reaching a result of failure to authenticate. 

23. The method of claim 1 9 wherein the user device is human portable. 

24. The method of claim 19, further comprising: 

d. requesting an electronic cash transaction with a server; and 
downloading electronic cash into the smart chip in the user device. 
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